VB logon script only works at second logon

Greetings all,

I've run into a strange VBScript error with a logon script I've created. At one point the script has to copy a shortcut to the end users desktop. This has to be copied at each logon because the URL will change from one server to another depending on which is the primary.

When the URL in the source file is changed to a new server, end users log in and the script should overwrite the existing file with the new one that has the correct URL.

Problem is, the script only seems to work the second time the end users log in. Below is the script and any help would be great....

'-----------------------------------------------------
'Get the distinguished name of the user that logged on
'-----------------------------------------------------
strUserPath = "LDAP://" & objSysInfo.UserName
Set objUser = GetObject(strUserPath)

'-----------------------------------------------------
'Get the Logon Server and end script if not xxxxxxx
'-----------------------------------------------------
'DomainLogonServer = WSHProcess("LogonServer")

This is really weird - it has to be some kind of Microsoft glitch. I added the following lines in before the copy. It works great - but only on the second login. Login once and nothing works but no error messages. Login the second time and the file has been deleted and replaced with the new shortcut.

I haven't had time to look at script or know why, unless network is not available when script runs -the i.e. wireless being used etc. but just wondered if instead you could do something like having all the shortcuts present on desktop and using ntfs permissions to stop access to them?

Do you know that the script runs at all, i.e. how far it gets based on other parts of same script, or could put some debugging in, either simple 'wscript.echo "line 1" or some logging to file.

if the script doesnt make it to start at all, we need to look at different to if it fails on first login part way through.

so i add number log output to various parts of the script to see where and when it gets run.

are you sure your only have one logon server ?? each server with AD role can process logons as the NETLOGON folder is replicated. thats one reason i use the sysvol UNC so it doesn't matter.

0

yccdadminsAuthor Commented: 2014-01-14

Hello all and thanks for the input.

Let me try and answer some of the questions to help narrow things down.

- I double checked the script by running it locally (double clicked on the .vbs file) and it works as intended. The script copies the new(er) URL shortcut and overwrites the existing due to the "True" at the end of the objFSO.CopyFile. That's what I've read that is for anyway,

- The script is run via local Group Policy on a Windows RDS server when end users log in to perform tasks.

- After a changes is made to the URL shortcut, and an end user logs in for the first time, the script doesn't seem to run. The reason I say this is because there are no errors revealed from the compiler or in any logs.

- When the end user logs out and then logs back in, everything works like a charm.

I have had this same issue in the past while working for another organization. I'm pretty sure it is a Microsoft "feature" that requires some policy to be enabled (or disabled) but I've lost my notes.

Once you got me searching on "Always wait..." I found it in my notes from a year or so ago. Unfortunately I didn't write down the URL where I found the fix.

Now that I've applied these two GP objects the script runs at first logon every time. My notes said the login was slower when I did this a while back but it might have been the older system - didn't really notice a difference on this server.

Featured Post

Enroll today in this bundle of courses to gain experience in the logistics of pen testing, Linux fundamentals, vulnerability assessments, detecting live systems, and more! This series, valued at $3,000, is free for Premium members, Team Accounts, and Qualified Experts.